Notebook Sony Vaio se zasekává

Zpráva

funkymusic · #1 Příspěvek od **funkymusic** » 03 pro 2014 18:59

Zdravím! Mám tu PC mladšího bráchy, hraje na tom dost her a brouzdá bůhví kde, občas se stane, že při hraní nějaké pc hry se notebook zasekne a je třeba dlouze podržet zapínací tlačítko a znova spustit počítač. Dále je NTB nesmírně zasekaný, otevřít prohlížeč trvalo dobré 2 minuty. Prosím o kontrolu logu, děkuji moc předem!:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Evža at 2014-12-03 18:52:21
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 321 GB (54%) free of 594 GB
Total RAM: 4078 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:53:02, on 3.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\24x7Help\App24x7Svc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\AppGraffiti\AppGraffiti.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
C:\Program Files (x86)\Inbox Toolbar\Inbox.exe
C:\Program Files (x86)\24x7Help\App24x7Help.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\24x7Help\App24x7Hook.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Opera\launcher.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Opera\26.0.1656.24\opera_autoupdate.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\RebateInformer\RebateInf.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\trend micro\Evža.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.myplaycity.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://toolbar.inbox.com/help/sa_custom ... tbid=80096
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {327f75ed-061b-4339-8cc6-5dd45ad1396d} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll
R3 - URLSearchHook: (no name) - {93a3111f-4f74-4ed8-895e-d9708497629e} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
R3 - URLSearchHook: (no name) - {a8625cb7-85fe-4936-92a4-b2a7c925209e} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Toolbar BHO - {074d3229-0a22-491b-b9dd-ff3171d75f25} - C:\PROGRA~2\MARINE~2\bar\1.bin\57bar.dll
O2 - BHO: Search Assistant BHO - {0eeaa2c3-0cd7-4364-b82e-f9257081c860} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~2\SITERA~1\SiteRank.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\progra~1\mcafee\msk\mskapbho.dll
O2 - BHO: Toolbar BHO - {312f84fb-8970-4fd3-bddb-7012eac4afc9} - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll
O2 - BHO: Zoomex - {353ACA2E-F810-BEFD-5165-DBD03B397FFC} - C:\ProgramData\Zoomex\50dc81634b339.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Users\Evža\AppData\LocalLow\MyPlayCity\prxtbMyP2.dll (file missing)
O2 - BHO: AppGraffiti - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL
O2 - BHO: Toolbar BHO - {7c8f8fe5-9785-4f74-bcf8-895ef9752d97} - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbar.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120204113951.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Search Assistant BHO - {ab5d199e-9659-47a2-930b-fc3b69061353} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Search Assistant BHO - {c547c6c2-561b-4169-a2a5-20ba771ca93b} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll
O2 - BHO: (no name) - {CCB69577-088B-4004-9ED8-FF5BCC83A039} - C:\PROGRA~2\REBATE~1\RebateI.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Inbox Toolbar - {D3D233D5-9F6D-436C-B6C7-E63F77503B30} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport.dll" (file missing)
O2 - BHO: ?????????? ???????? - {D5FEC983-01DB-414A-9456-AF95AC9ED7B5} - C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: GamingWonderland - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport.dll" (file missing)
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:\Users\Evža\AppData\LocalLow\MyPlayCity\prxtbMyP2.dll (file missing)
O3 - Toolbar: Marine Aquarium Lite - {07189b84-b33b-4a1e-9b32-ad203c983c20} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll
O3 - Toolbar: &Inbox Toolbar - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: ???????? ??????? - {91397D20-1446-11D4-8AF4-0040CA1127B6} - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll (file missing)
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [GamingWonderland Search Scope Monitor] "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [GamingWonderland Browser Plugin Loader] C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [SiteRanker] "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
O4 - HKLM\..\Run: [VideoDownloadConverter Search Scope Monitor] "C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [VideoDownloadConverter_4z Browser Plugin Loader] C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
O4 - HKLM\..\Run: [InboxToolbar] "C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP
O4 - HKLM\..\Run: [24x7HELP] "C:\Program Files (x86)\24x7Help\App24x7Help.exe" /STARTUP
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [PCSpeedUp] C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [RebateInformer] C:\Program Files (x86)\RebateInformer\RebateInf.exe /STARTUP
O4 - HKCU\..\Run: [AGupdate] C:\Program Files (x86)\AppGraffiti\AGupdate.exe
O4 - HKCU\..\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe
O4 - HKCU\..\Run: [AppGraffiti] "C:\PROGRA~2\APPGRA~1\AppGraffiti.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll
O18 - Protocol: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} - C:\PROGRA~2\REBATE~1\RebateI.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~2\mcafee\msc\mcsniepl.dll
O20 - AppInit_DLLs: c:\progra~2\zoomex\sprote~1.dll c:\progra~2\simple~1\sprote~1.dll
O23 - Service: 24x7HelpService (24x7HelpSvc) - PCRx.com, LLC - C:\Program Files (x86)\24x7Help\App24x7Svc.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ask Update Service (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamingWonderlandService - COMPANYVERS_NAME - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Marine Aquarium LiteService (MarineAquarium3Free_57Service) - COMPANYVERS_NAME - C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe
O23 - Service: McAfee SiteAdvisor Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, Inc. - c:\PROGRA~1\mcafee\msc\mcawfwk.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\mcafee\VirusScan\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VideoDownloadConverterService (VideoDownloadConverter_4zService) - COMPANYVERS_NAME - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 23269 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
taskeng.exe {36869A7A-623A-40BE-AAA9-6C7289D38079}
"taskhost.exe"
"C:\Program Files (x86)\24x7Help\App24x7Svc.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
taskeng.exe {65F0BEA5-9525-4E88-969E-F57E9E6AE996}
C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe
"C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe" /McCoreSvc
"C:\Windows\system32\mfevtps.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
szndesktop.exe default start
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "110615973278577631113574085701664678796286008420793989143983443735-670697472
"C:\Program Files (x86)\AppGraffiti\AppGraffiti.exe"
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Windows\SysWOW64\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\saHook.dll", saHooker_Initialize_and_Wait
"C:\Windows\system32\rundll32.exe" "c:\PROGRA~2\mcafee\SITEAD~1\x64\saHook.dll", saHooker_Initialize_and_Wait
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
WLIDSvcM.exe 3360
"C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe"
"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files\mcafee.com\agent\mcagent.exe" /runkey
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
"C:\Program Files (x86)\Inbox Toolbar\Inbox.exe" /STARTUP
"C:\Program Files (x86)\24x7Help\App24x7Help.exe" /STARTUP
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"App24x7Hook.exe"
"App24x7Hook64.exe"
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--run_as_user_process"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
/Device:000000a1
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Opera\launcher.exe" --scheduledautoupdate
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:5504 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\Opera\26.0.1656.24\opera_autoupdate.exe" --host --pipeid=oauc_task_pipee59e7323ed1cebd78082538c8b9cbe70 --version=26.0.1656.24 --lang=cs --producttype --requesttype=automatic --downloaddir="C:\Windows\TEMP" --operadir="C:\Program Files (x86)\Opera\26.0.1656.24" --installdir="C:\Program Files (x86)\Opera" --profile="C:\Windows\TEMP" --nometrics --scheduledtask
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:924 CREDAT:275457 /prefetch:2
"C:\Program Files (x86)\RebateInformer\RebateInf.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe3_ Global\UsGthrCtrlFltPipeMssGthrPipe3 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\Windows\system32\SearchFilterHost.exe" 0 520 524 532 65536 528

C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Sony\VAIO Care\Solution.Updater.exe"
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -uploaddata
"C:\Users\Evža\Desktop\RSITx64.exe"
"C:\Program Files (x86)\Opera\launcher.exe" --forcedcheckforupdates

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default

prefs.js - "Keyword.Enabled" - "true"
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://start.myplaycity.com/"
prefs.js - "keyword.URL" - "http://search.mywebsearch.com/mywebsear ... searchfor="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@GamingWonderland.com/Plugin]
"Description"=GamingWonderland Plugin
"Path"=C:\Program Files (x86)\GamingWonderland\bar\1.bin\NPgtStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@MarineAquarium3Free_57.com/Plugin]
"Description"=Marine Aquarium Lite Plugin
"Path"=C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\progra~2\mcafee\msc\npmcsn~1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]
"Description"=VideoDownloadConverter Plugin
"Path"=C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\
4zffxtbr@VideoDownloadConverter_4z.com
50dc81634b1a8@50dc81634b1e0.com
57ffxtbr@MarineAquarium3Free_57.com
AppGraffiti@AppGraffiti.com
vb@yandex.ru
yasearch@yandex.ru
{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
{800b5000-a755-47e1-992b-48a1c1357f07}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\
yqs-barff-yandex.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\PROGRA~1\mcafee\msk\MSKAPB~1.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
AppGraffiti - C:\PROGRA~2\APPGRA~1\APPGRA~2.DLL [2014-07-09 1627072]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120129184747.dll [2011-12-06 94688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}]
C:\PROGRA~2\REBATE~1\RebInf64.dll [2014-11-21 3026304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll [2014-09-23 1576856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport_x64.dll [2014-02-08 13776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-08 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074d3229-0a22-491b-b9dd-ff3171d75f25}]
Toolbar BHO - C:\PROGRA~2\MARINE~2\bar\1.bin\57bar.dll [2014-01-28 859720]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}]
Search Assistant BHO - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll [2014-01-28 140360]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}]
C:\PROGRA~2\SITERA~1\SiteRank.dll [2012-05-15 342272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
McAfee Phishing Filter - c:\progra~1\mcafee\msk\mskapbho.dll [2010-11-25 238056]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312f84fb-8970-4fd3-bddb-7012eac4afc9}]
Toolbar BHO - C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbar.dll [2012-06-10 697744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}]
Zoomex - C:\ProgramData\Zoomex\50dc81634b339.dll [2012-12-27 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}]
MyPlayCity Toolbar - C:\Users\Evža\AppData\LocalLow\MyPlayCity\prxtbMyP2.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}]
AppGraffiti - C:\PROGRA~2\APPGRA~1\APPGRA~1.DLL [2014-07-09 1014208]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}]
Toolbar BHO - C:\PROGRA~2\GAMING~2\bar\1.bin\gtbar.dll [2012-01-27 689552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}]
scriptproxy - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120204113951.dll [2011-12-06 79744]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5d199e-9659-47a2-930b-fc3b69061353}]
Search Assistant BHO - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtSrcAs.dll [2012-01-27 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c547c6c2-561b-4169-a2a5-20ba771ca93b}]
Search Assistant BHO - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll [2012-06-10 62864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}]
C:\PROGRA~2\REBATE~1\RebateI.dll [2014-11-21 1884544]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}]
Inbox Toolbar - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll [2014-09-23 1041816]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport.dll [2014-02-08 12240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}]
Визуальные закладки - C:\Program Files (x86)\Yandex\FastDial\fastdialhost.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport_x64.dll [2014-02-08 13776]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\Program Files (x86)\Inbox Toolbar\Inbox64.dll [2014-09-23 1576856]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]
{8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01 1089288]
{a899079d-206f-43a6-be6a-07e0fa648ea0} - GamingWonderland - C:\Program Files (x86)\GamingWonderland\bar\1.bin\gtbar.dll [2012-01-27 689552]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-08-17 1055808]
{48586425-6bb7-4f51-8dc6-38c88e3ebb58} - VideoDownloadConverter - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll [2012-06-10 697744]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AWR\Passport.dll [2014-02-08 12240]
{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - MyPlayCity Toolbar - C:\Users\Evža\AppData\LocalLow\MyPlayCity\prxtbMyP2.dll []
{07189b84-b33b-4a1e-9b32-ad203c983c20} - Marine Aquarium Lite - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll [2014-01-28 859720]
{D7E97865-918F-41E4-9CD0-25AB1C574CE8} - &Inbox Toolbar - C:\Program Files (x86)\Inbox Toolbar\Inbox.dll [2014-09-23 1041816]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
{91397D20-1446-11D4-8AF4-0040CA1127B6} - Элементы Яндекса - C:\Program Files (x86)\Yandex\Elements\bartabhost.dll []

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-03-29 518784]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-29 790688]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-29 657568]
"cdcbs"=C:\ProgramData\cdcbs.exe [2013-10-25 210944]
"Marine Aquarium Lite Home Page Guard 64 bit"=C:\PROGRA~2\MARINE~2\bar\1.bin\AppIntegrator64.exe [2014-01-28 485448]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PCSpeedUp"=C:\Program Files (x86)\Zrychleni Pocitace\PCSUNotifier.exe [2011-12-06 187616]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-11-18 1940160]
"cz.seznam.software.autoupdate"=C:\Users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"RebateInformer"=C:\Program Files (x86)\RebateInformer\RebateInf.exe [2014-11-21 2672512]
"AGupdate"=C:\Program Files (x86)\AppGraffiti\AGupdate.exe [2013-03-19 894048]
"PhilipsSongbirdLauncher"=C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [2014-04-11 346624]
"AppGraffiti"=C:\PROGRA~2\APPGRA~1\AppGraffiti.exe [2014-07-09 1741760]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"mcui_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2011-11-22 1675160]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"GamingWonderland Search Scope Monitor"=C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe [2012-01-27 38440]
"GamingWonderland Browser Plugin Loader"=C:\PROGRA~2\GAMING~2\bar\1.bin\gtbrmon.exe [2012-01-27 30096]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-02-15 1564368]
"SiteRanker"=C:\Program Files (x86)\SiteRanker\SiteRankTray.exe [2012-05-15 320000]
"VideoDownloadConverter Search Scope Monitor"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zsrchmn.exe [2012-06-10 42536]
"VideoDownloadConverter_4z Browser Plugin Loader"=C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbrmon.exe [2012-06-10 30096]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"ApnTBMon"=C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2014-02-08 1757648]
"InboxToolbar"=C:\Program Files (x86)\Inbox Toolbar\Inbox.exe [2014-11-11 1430936]
"24x7HELP"=C:\Program Files (x86)\24x7Help\App24x7Help.exe [2014-03-07 1919840]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\McMPFSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-03 18:52:22 ----D---- C:\Program Files\trend micro
2014-12-03 18:52:21 ----D---- C:\rsit
2014-11-26 17:59:43 ----D---- C:\Program Files (x86)\Opera
2014-11-26 17:59:41 ----D---- C:\Users\Evža\AppData\Roaming\FlvPlayer
2014-11-26 16:50:03 ----D---- C:\Users\Evža\AppData\Roaming\AVAST Software
2014-11-26 16:48:10 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-11-26 16:48:06 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-11-26 16:48:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-11-26 16:48:02 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-11-26 16:47:57 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 16:47:26 ----A---- C:\Windows\avastSS.scr
2014-11-26 16:46:47 ----D---- C:\Program Files\AVAST Software
2014-11-26 16:44:02 ----D---- C:\ProgramData\AVAST Software
2014-11-26 16:43:21 ----D---- C:\Program Files (x86)\Yandex
2014-11-26 16:43:04 ----D---- C:\Users\Evža\AppData\Roaming\Opera Software
2014-11-26 16:42:51 ----D---- C:\Users\Evža\AppData\Roaming\Yandex
2014-11-26 16:41:51 ----D---- C:\Users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 12:54:58 ----D---- C:\Users\Evža\AppData\Roaming\Maxthon3
2014-11-23 12:54:28 ----D---- C:\Program Files (x86)\Maxthon
2014-11-20 20:20:00 ----D---- C:\Program Files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 12:06:31 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 12:06:31 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 12:06:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 12:06:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 13:27:09 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 13:27:08 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 13:27:04 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 13:26:59 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 13:26:59 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 13:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 13:26:59 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 13:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 13:26:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 13:26:55 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 13:26:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 13:26:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 13:26:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 13:26:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 13:26:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 13:26:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 13:26:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 13:26:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 13:26:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 13:26:16 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 13:26:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 13:26:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 13:26:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 13:26:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 13:26:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 13:26:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 13:26:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 13:26:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 13:26:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 13:26:12 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 13:26:12 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 13:26:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 13:26:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 13:26:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 13:26:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 13:26:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 13:26:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 13:26:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 13:26:09 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 13:26:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 13:26:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 13:26:07 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 13:26:07 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 13:26:06 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 13:26:05 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 13:26:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 13:26:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 13:26:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 13:26:01 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 13:26:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 13:26:00 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 13:26:00 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 13:25:38 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:25:37 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 13:25:37 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 13:25:37 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:25:35 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 13:25:35 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:25:33 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 13:25:33 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:25:31 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 13:25:31 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 13:25:26 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:25:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 13:25:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 13:25:25 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:25:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 13:25:24 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:25:24 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:25:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 13:25:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 13:25:23 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:25:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 13:25:22 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:24:58 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 13:24:58 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:24:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 13:24:52 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 13:24:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 13:24:49 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:24:38 ----A---- C:\Windows\system32\win32k.sys
2014-11-07 19:48:21 ----D---- C:\Program Files (x86)\Vojensky ujezd Ralsko - Cihajici sovet

======List of files/folders modified in the last 1 month======

2014-12-03 18:52:58 ----D---- C:\Windows\Temp
2014-12-03 18:52:22 ----RD---- C:\Program Files
2014-12-03 18:49:05 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-03 18:49:00 ----D---- C:\Program Files (x86)\RebateInformer
2014-12-03 18:48:29 ----D---- C:\Users\Evža\AppData\Roaming\Seznam.cz
2014-12-03 18:46:50 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-03 18:44:00 ----D---- C:\Windows\system32\config
2014-12-03 18:43:52 ----D---- C:\Program Files (x86)\Steam
2014-12-03 18:42:12 ----D---- C:\ProgramData\NVIDIA
2014-12-03 18:09:17 ----D---- C:\Windows\system32\Tasks
2014-11-27 17:56:45 ----SHD---- C:\System Volume Information
2014-11-26 18:53:42 ----D---- C:\Windows\system32\wdi
2014-11-26 18:49:08 ----D---- C:\Program Files (x86)\McAfee
2014-11-26 18:11:55 ----HD---- C:\ProgramData
2014-11-26 18:00:34 ----D---- C:\ProgramData\McAfee
2014-11-26 17:59:43 ----RD---- C:\Program Files (x86)
2014-11-26 17:37:53 ----D---- C:\Windows\system32\catroot2
2014-11-26 17:24:21 ----D---- C:\Windows\system32\drivers
2014-11-26 16:48:00 ----D---- C:\Windows\winsxs
2014-11-26 16:47:57 ----D---- C:\Windows\System32
2014-11-26 16:47:51 ----D---- C:\Windows
2014-11-26 16:46:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-26 16:45:31 ----SHD---- C:\Windows\Installer
2014-11-25 20:43:44 ----D---- C:\Windows\SysWOW64
2014-11-23 12:55:16 ----RSD---- C:\Windows\Fonts
2014-11-20 20:53:53 ----D---- C:\Users\Evža\AppData\Roaming\spidla
2014-11-20 20:23:47 ----D---- C:\Users\Evža\AppData\Roaming\DominiGames
2014-11-20 20:22:11 ----D---- C:\Users\Evža\AppData\Roaming\Špidla Data Processing, s.r.o
2014-11-20 20:22:11 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2014-11-19 19:44:27 ----D---- C:\Windows\inf
2014-11-19 19:44:27 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-11-19 12:01:29 ----D---- C:\Windows\system32\catroot
2014-11-18 13:08:02 ----D---- C:\Windows\Prefetch
2014-11-16 09:10:19 ----D---- C:\ProgramData\iolo
2014-11-15 20:33:40 ----D---- C:\Program Files (x86)\Sony
2014-11-15 20:33:28 ----RSD---- C:\Windows\assembly
2014-11-15 20:33:10 ----D---- C:\Program Files\Sony
2014-11-15 20:29:33 ----D---- C:\Update
2014-11-14 18:12:26 ----D---- C:\Program Files (x86)\Zlodeji dusi
2014-11-14 17:54:53 ----D---- C:\Windows\rescache
2014-11-14 17:26:39 ----D---- C:\Windows\Microsoft.NET
2014-11-13 12:42:49 ----D---- C:\Windows\Tasks
2014-11-13 12:25:30 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 12:25:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 12:25:28 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 12:25:27 ----D---- C:\Program Files\Internet Explorer
2014-11-13 12:25:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 12:25:23 ----D---- C:\Windows\system32\en-US
2014-11-13 12:25:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-12 20:18:37 ----D---- C:\Windows\system32\MRT
2014-11-12 20:08:30 ----A---- C:\Windows\system32\MRT.exe
2014-11-12 13:10:50 ----D---- C:\Program Files (x86)\Inbox Toolbar
2014-11-07 19:49:27 ----D---- C:\Users\Evža\AppData\Roaming\quickclick

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-02-22 437272]
R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2011-10-15 647080]
R0 mfewfpk;McAfee Inc. mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2011-10-15 284648]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 mfenlfk;McAfee NDIS Light Filter; C:\Windows\system32\DRIVERS\mfenlfk.sys [2011-10-15 75808]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-16 2377216]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2011-10-15 65264]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-29 1581184]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2011-10-15 160280]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2011-10-15 229528]
R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2011-10-15 481768]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-29 173160]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []
S3 mfeavfk01;McAfee Inc.; C:\Windows\system32\drivers\mfeavfk01.sys []
S3 mferkdet;McAfee Inc. mferkdet; C:\Windows\system32\drivers\mferkdet.sys [2011-10-15 100912]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2014-11-15 13792]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 24x7HelpSvc;24x7HelpService; C:\Program Files (x86)\24x7Help\App24x7Svc.exe [2014-03-07 339808]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 APNMCP;Ask Update Service; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [2014-02-08 166352]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 GamingWonderlandService;GamingWonderlandService; C:\PROGRA~2\GAMING~2\bar\1.bin\gtbarsvc.exe [2012-01-27 42504]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-02-15 1564368]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 MarineAquarium3Free_57Service;Marine Aquarium LiteService; C:\PROGRA~2\MARINE~2\bar\1.bin\57barsvc.exe [2014-01-28 88648]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McMPFSvc;McAfee Personal Firewall Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 mcmscsvc;McAfee Services; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNaiAnn;McAfee VirusScan Announcer; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McNASvc;McAfee Network Agent; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McProxy;McAfee Proxy Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 McShield;McAfee McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [2011-12-06 199272]
R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2011-12-06 208536]
R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2011-12-06 161168]
R2 MSK80Service;McAfee Anti-Spam Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2011-01-27 249936]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-29 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VideoDownloadConverter_4zService;VideoDownloadConverterService; C:\PROGRA~2\VIDEOD~2\bar\1.bin\4zbarsvc.exe [2012-06-10 42504]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2014-02-28 1642544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S2 PCSUService;PC Speed Up Service; C:\Program Files (x86)\Zrychleni Pocitace\PCSUService.exe [2011-12-06 267488]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 McAWFwk;McAfee Activation Service; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [2010-08-09 220528]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
S3 McODS;McAfee Scanner; C:\Program Files\mcafee\VirusScan\mcods.exe [2011-10-18 502032]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-04 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2014-07-02 59240]
S4 McOobeSv;McAfee OOBE Service; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [2011-01-27 249936]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

#2 Příspěvek od **Márty84** » 03 pro 2014 19:01

Zdravim

tohle uz jsem dlouho nevidel

Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.
Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.

#3 Příspěvek od **Márty84** » 03 pro 2014 19:04

Dalsi ukol bude odinstalovat jeden z antiviru. Bezi tam Avast a McAfee. Doporucuji nechat Avast a McAfee vyhodit. Ale volba je samozrejme na vas.

funkymusic · #4 Příspěvek od **funkymusic** » 03 pro 2014 20:02

Zde máte log, souhlasim, není to nic pěkného...

# AdwCleaner v4.103 - Report created 03/12/2014 at 19:53:28
# Updated 01/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Evža - EVZA-VAIO
# Running from : C:\Users\Evža\Desktop\adwcleaner_4.103.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : 24x7HelpSvc
[#] Service Deleted : APNMCP
[#] Service Deleted : GamingWonderlandService
[#] Service Deleted : pcsuservice
[#] Service Deleted : VideoDownloadConverter_4zService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\Zoomex
Folder Deleted : C:\ProgramData\iolo
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\AlawarEntertainment
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\24x7 help
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlvPlayer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inbox Toolbar
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RebateInformer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SiteRanker
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoomex
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zrychleni Pocitace
Folder Deleted : C:\Program Files (x86)\24x7Help
Folder Deleted : C:\Program Files (x86)\AppGraffiti
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\GamingWonderland
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
Folder Deleted : C:\Program Files (x86)\iMesh Applications
Folder Deleted : C:\Program Files (x86)\Inbox Toolbar
Folder Deleted : C:\Program Files (x86)\RebateInformer
Folder Deleted : C:\Program Files (x86)\SimpleSpeedy
Folder Deleted : C:\Program Files (x86)\SiteRanker
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter_4z
Folder Deleted : C:\Program Files (x86)\Zoomex
Folder Deleted : C:\Program Files (x86)\Zrychleni Pocitace
Folder Deleted : C:\Users\EVA~1\AppData\Local\Temp\apn
Folder Deleted : C:\Users\Evža\AppData\Local\Conduit
Folder Deleted : C:\Users\Evža\AppData\Local\iac
Folder Deleted : C:\Users\Evža\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Evža\AppData\LocalLow\AppGraffiti
Folder Deleted : C:\Users\Evža\AppData\LocalLow\GamingWonderland
Folder Deleted : C:\Users\Evža\AppData\LocalLow\Inbox Toolbar
Folder Deleted : C:\Users\Evža\AppData\LocalLow\RebateInformer
Folder Deleted : C:\Users\Evža\AppData\LocalLow\SiteRanker
Folder Deleted : C:\Users\Evža\AppData\LocalLow\VideoDownloadConverter_4z
Folder Deleted : C:\Users\Evža\AppData\Roaming\24x7 help
Folder Deleted : C:\Users\Evža\AppData\Roaming\FlvPlayer
Folder Deleted : C:\Users\Evža\AppData\Roaming\quickclick
Folder Deleted : C:\Users\Evža\AppData\Roaming\iolo
Folder Deleted : C:\Users\Evža\AppData\Roaming\AlawarEntertainment
Folder Deleted : C:\Users\Public\Documents\iWin
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\{800B5000-A755-47E1-992B-48A1C1357F07}
Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\4zffxtbr@VideoDownloadConverter_4z.com
Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\AppGraffiti@AppGraffiti.com
[!] Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\toolbar@ask.com.xpi
Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\yasearch@yandex.ru
Folder Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\vb@yandex.ru
File Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\Extensions\toolbar@ask.com.xpi
File Deleted : C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\user.js

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [4zffxtbr@VideoDownloadConverter_4z.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [siteranker@siteranker.com]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [pcspeedup]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [RebateInformer]
Key Deleted : HKLM\SOFTWARE\Classes\AppGraffiti.AppGraffitiJS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver
Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.JSServer
Key Deleted : HKLM\SOFTWARE\Classes\Inbox.Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox
Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\rebinfo
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.Rebate Informer BHO
Key Deleted : HKLM\SOFTWARE\Classes\RebateI.RebateInformImageGen
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.DynamicBarButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncher.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SkinLauncherSettings.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin
Key Deleted : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.XMLSessionPlugin.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [24x7HELP]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnTbMon]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [InboxToolbar]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter Search Scope Monitor]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VideoDownloadConverter_4z Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Activities\Search\ask.com
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_5dec30d7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_ccfde35c
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [GamingWonderland Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66292684-B2C2-4C7C-B3D2-BF446E30744C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6BFF4BCB-7A73-45A7-AC4C-389A34E1D1EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B89F5C49-51DB-4974-AB5A-E25901AA339C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E9B5B0D2-D08A-49FC-8B5C-159B60BAA268}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{615E8AA1-6BB8-4A3D-A1CC-373194DB612C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9945959C-AAD8-4312-8B57-2DE11927E770}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB02BC6B-B0F0-4074-99E6-884B70FCB6AE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FB0E8A09-F08C-44CF-9E15-97ADAC016248}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8736C681-37A0-40C6-A0F0-4C083409151C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC99A798-FD3D-4AB4-969E-6071612524F9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A899079D-206F-43A6-BE6A-07E0FA648EA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C547C6C2-561B-4169-A2A5-20BA771CA93B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D5FEC983-01DB-414A-9456-AF95AC9ED7B5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{99E1F6FD-2E94-4CF6-8344-1BA63CD3BD9B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{48586425-6BB7-4F51-8DC6-38C88E3EBB58}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A899079D-206F-43A6-BE6A-07E0FA648EA0}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{93A3111F-4F74-4ED8-895E-D9708497629E}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{327F75ED-061B-4339-8CC6-5DD45AD1396D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{042DA63B-0933-403D-9395-B49307691690}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{865D7100-82C7-42F4-9C06-860DEC0871B2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AF808758-C780-404C-A4EE-4526323FD9B6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{022C9F90-2E96-47D6-A971-107650154563}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28C3737A-32D1-492D-B76B-8D75EBBFB887}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{612AD33D-9824-4E87-8396-92374E91C4BB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{274daec0-c4e8-4f30-9e5c-9424990769b9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{27D9164B-31E2-4247-B2A7-EAFC6BDBF875}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{35C3B633-979A-470D-B277-E2119E567551}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3d29c02b-bf3e-4d3b-8a7a-e0e7d0f6dbab}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6DD47850-FCB1-4CE7-A4ED-D90DF0A499BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{274daec0-c4e8-4f30-9e5c-9424990769b9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6DD47850-FCB1-4CE7-A4ED-D90DF0A499BC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\24x7help
Key Deleted : HKCU\Software\AppGraffiti
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\Inbox Toolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\PrivitizeVPNInstallDates
Key Deleted : HKCU\Software\SiteRanker
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Rebate Informer
Key Deleted : HKCU\Software\MarineAquarium3Free_57
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\AppDataLow\SProtector
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z
Key Deleted : HKCU\Software\AppDataLow\Software\MarineAquarium3Free_57
Key Deleted : HKLM\SOFTWARE\24x7help
Key Deleted : HKLM\SOFTWARE\AppGraffiti
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\FlvPlayer
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Inbox Toolbar
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\VideoDownloadConverter_4z
Key Deleted : HKLM\SOFTWARE\Rebate Informer
Key Deleted : HKLM\SOFTWARE\MarineAquarium3Free_57
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FlvPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A957F04C-49F4-4375-8C8A-D04B769EFE47}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MarineAquarium3Free_57bar Uninstall Internet Explorer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{53820F89-063F-10D7-7457-06C201F4CBF0}
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\zoomex\sprote~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\simple~1\sprote~1.dll

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v25.0.1 (cs)

[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "MyPlayCity");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "MyPlayCity");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.myplaycity.com/");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.50dc81634b255.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"txtlnkusaolp00000800\")>-1url.match(/[...]
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.AWR.InstallDir", "\"C:\\\\Program Files (x86)\\\\Ask.com\\\\\"");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.AWR.domain", "\"www.search.ask.com\"");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.AWR.pref_tab_close", "[{\"title\":\"(38)%20Doru%C4%8Den%C3%A9%20%E2%80%93%20Seznam%20Email\",\"url\":\"hxxps://email.seznam.cz/#inbox/7353\",\"favIcon\":\"hxxps://email.seznam.cz[...]
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.enabledAddons", "4zffxtbr%40VideoDownloadConverter_4z.com:1.44.0.37704,AppGraffiti%40AppGraffiti.com:1.0.1.4,toolbar%40ask.com:31.4,%7B800b5000-a755-47e1-992b-48a1c1357f07%7D:1.5[...]
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.foxcub.prev.HP", "hxxp://start.myplaycity.com/");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.foxcub.prev.KWD", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=A24DDFE8-458B-4891-9591-FC41BA30A88A&n=77eda07c&ind=2012061820&p2=^HJ^xdm081^S01670^cz&search[...]
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://home.myplaycity.com/results.php?category=web&s=");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=A24DDFE8-458B-4891-9591-FC41BA30A88A&n=77eda07c&p2=^HJ^xdm081^S01670^cz");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2012061820");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm081^S01670^cz");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "A24DDFE8-458B-4891-9591-FC41BA30A88A");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1417629005348");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.searchHistory", "250947");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.vb@yandex.ru.description", "Keep all your favorite sites in one place with Visual Bookmarks. Simply click on the one of the mini webpages to visit a site. You can customize the n[...]
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("extensions.yasearch@yandex.ru.defender.homepage.protected", "hxxp://start.myplaycity.com/");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.allowSendURL", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.engineVerified", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.firstTbRun", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.geolastmodified", 1417629036);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.history", "seznam.cz");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.icqgeo", 42);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.installTime", "1344163912");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_most_visited_state", "1");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.numberOfSearches", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.previousFFVersion", "25.0.1");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.skip_default_search", "no");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.suggestions", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.uniqueID", "132888600913288862491329341945783");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.usageStatstTimestamp", 1416934162);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.version", "1.5.3");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherHideClicks", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherRedeemClicks", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.voucherWasShown", 0);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlEnableSuggestions", false);
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("icqtoolbar.xmlLanguage", "cs");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=A24DDFE8-458B-4891-9591-FC41BA30A88A&n=77eda07c&ind=2012061820&p2=^HJ^xdm081^S01670^cz&searchfor=");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
[9mvjtcpd.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v39.0.2171.71

[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchab.com/?aff=7&uid=c4760022-5045-11e2-a86e-ccaf78c07bdc&q={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.greatresults.info/?l=1&q={searchTerms}

-\\ Chromium v

[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchab.com/?aff=7&uid=c4760022-5045-11e2-a86e-ccaf78c07bdc&q={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.greatresults.info/?l=1&q={searchTerms}

-\\ Opera v26.0.1656.24

[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchab.com/?aff=7&uid=c4760022-5045-11e2-a86e-ccaf78c07bdc&q={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.myplaycity.com/results.php?category=web&s={searchTerms}
[C:\Users\Evža\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://websearch.greatresults.info/?l=1&q={searchTerms}

*************************

AdwCleaner[R0].txt - [43601 octets] - [03/12/2014 19:50:17]
AdwCleaner[S0].txt - [44253 octets] - [03/12/2014 19:53:28]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [44314 octets] ##########

Antivir vybírám Avast, jdu odebrat MacAffee

#5 Příspěvek od **Márty84** » 04 pro 2014 02:36

Postupujte podle navodu kolegy

vyosek píše: Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulozte nejlepe na plochu

Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu

Probehne vytvoreni zalohy a nasledne prohledavani

Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte

Postupujte podle navodu kolegy

vyosek píše: Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize
Kód: Vybrat vše
autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;
Nasledne kliknete na Run Script

PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem

funkymusic · #6 Příspěvek od **funkymusic** » 04 pro 2014 17:21

JRT log je zde:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ev§a on źt 04.12.2014 at 17:12:53,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\agupdate
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\siteranker
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{4724C5D8-DFA7-417A-A2F5-1EABFEE9B4AC}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.Radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.Radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.RadioSettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.RadioSettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MarineAquarium3Free_57.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB5D199E-9659-47A2-930B-FC3B69061353}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5d199e-9659-47a2-930b-fc3b69061353}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{ab5d199e-9659-47a2-930b-fc3b69061353}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5d199e-9659-47a2-930b-fc3b69061353}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{ab5d199e-9659-47a2-930b-fc3b69061353}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{074d3229-0a22-491b-b9dd-ff3171d75f25}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{353ACA2E-F810-BEFD-5165-DBD03B397FFC}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{7c8f8fe5-9785-4f74-bcf8-895ef9752d97}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ab5d199e-9659-47a2-930b-fc3b69061353}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{ab5d199e-9659-47a2-930b-fc3b69061353}

~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\APP24X7HELP.EXE-CFA067EF.pf

~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\AstralaxWrapper
Successfully deleted: [Folder] "C:\Users\Ev§a\appdata\local\marineaquarium3free_57"
Successfully deleted: [Folder] "C:\Users\Ev§a\appdata\locallow\gamingwonderlandei"
Successfully deleted: [Folder] "C:\Users\Ev§a\appdata\locallow\marineaquarium3free_57"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamingwonderlandei"
Successfully deleted: [Folder] "C:\Program Files (x86)\marineaquarium3free_57"
Successfully deleted: [Folder] "C:\Program Files (x86)\video download converter"
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{21F60175-8D0D-4AFB-8532-8F6DC0F50F51}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{24D574AA-D9F3-4CBF-8EDE-0FB560F3A67F}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{25708DD7-6B85-4A8D-9835-BE0ECC11446A}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{27383FA2-F5D0-4E66-A4A8-C6598C59F143}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{27C6F008-0BF8-46B9-A40C-9A8510A5D4CA}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{2BCD4ADE-10B9-4025-9084-5F4F99E02A7A}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{2BDDF0ED-B1A7-47A8-B887-22D752730E03}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{31753AB1-935A-4C3A-9BE4-235C156489A4}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{39ACD44F-1446-4285-8C45-4A4011DB5636}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{4608B591-9BEB-4C29-8DCC-1FE608CEA50B}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{572E63FE-52FE-4F64-8B93-A92586CB0D66}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{5D5F529B-2A43-43FD-8298-7C1900726CD6}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{638C2157-7643-436E-B0D3-ADEBAA89B17E}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{663B21DA-642B-4914-A6BD-CEEFA6A5BA08}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{74823303-4BBC-4CCD-B176-DBDF7CD8D4F5}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{788B0E75-57BB-4CAA-9B83-A2AD35DEB82E}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{7A205B65-646B-413C-A505-01E5DE97A64D}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{7D7F45B5-BA3F-4D5F-9A9C-2792D86561DC}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{86ACD70F-AACF-4F17-84DA-E66EEFE23691}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{88D726D5-E4C9-48DE-A30E-65177CA1DC40}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{893E7554-480A-4171-ABA3-26F9843703F8}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{8E9B360A-73BB-43A0-95D2-906500F7DB51}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{996AA425-6B0F-43F2-A91F-16AAA6C37A25}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{C6187375-21C3-4A07-92A3-EF4FA0039425}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{C8F18518-72DA-4163-992B-BF0EB08FEF74}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{D78077BA-D5E1-44FA-A61C-D544F484D7C1}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{E2FFDE00-D39A-487F-8714-87AF8BEB71CC}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{EC03626D-3836-49CE-8A99-6FC34FB38307}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{FAA30683-CFE7-4835-A138-E6E134A98348}
Successfully deleted: [Empty Folder] C:\Users\Ev§a\appdata\local\{FCB3B0FF-A138-4B9C-BCCD-3C363159AF0F}

~~~ FireFox

Successfully deleted: [Folder] C:\Users\Ev§a\AppData\Roaming\mozilla\firefox\profiles\9mvjtcpd.default\extensions\57ffxtbr@marineaquarium3free_57.com
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\gtffxtbr@gamingwonderland.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@marineaquarium3free_57.com/plugin
Successfully deleted the following from C:\Users\Ev§a\AppData\Roaming\mozilla\firefox\profiles\9mvjtcpd.default\prefs.js

user_pref("extensions.foxcub.config.encodedConfig", "{\"core\":{\"configUrl\":\"hxxp://download.seznam.cz/software/conf/\",\"updateUrl\":\"hxxp://download.seznam.cz/software/c
Emptied folder: C:\Users\Ev§a\AppData\Roaming\mozilla\firefox\profiles\9mvjtcpd.default\minidumps [10 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 04.12.2014 at 17:20:10,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

funkymusic · #7 Příspěvek od **funkymusic** » 04 pro 2014 17:58

A tady je druhý log.

Děkuji moc!!!

Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Ev§a on źt 04.12.2014 at 17:24:03,09.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\EVA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.12.2014 17:27:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Alenka 2 - Kouzeln zemŘ deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Dobrodru§ně mahjongg - Kapitola 1 deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Emilka Holubov - Montezum…v poklad deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\FBReader for Windows deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Feng ćuej Mahjong deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Hledaźi poklad… deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Ledov‚ Drahokamy deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Natalie Brooks - Poklad ztracen‚ho kr lovstvˇ deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\N dhern zahrada deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Vesel kuýata deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Z hadn kuchaýka deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\üeźtˇ hrdinov‚ deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\Users\Default\AppData\Local\Sony Corporation deleted successfully
C:\Users\Ev§a\AppData\Local\WarThunder deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\SearchScopes\{63576C37-03D2-48DA-8198-82DE12D76E31} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7DFDE1A-30B3-43C9-82C4-92D3A5789311} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{a8625cb7-85fe-4936-92a4-b2a7c925209e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7DFDE1A-30B3-43C9-82C4-92D3A5789311} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{CCB69577-088B-4004-9ED8-FF5BCC83A039} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{a8625cb7-85fe-4936-92a4-b2a7c925209e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default\prefs.js:

Added to C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "yafd:tabs");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default

user.js not found
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_04.12.2014_1741_.backup

ProfilePath: C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default

user.js not found
---- Lines ask.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- Lines extensions.50dc81634b255 removed from prefs.js ----
user_pref("extensions.50dc81634b255.epoch", "1392557192");
user_pref("extensions.50dc81634b255.url", "http://websolutiion.in/sync/?ext=zmx&pi ... ind=0&ssd=
---- FireFox user.js and prefs.js backups ----

prefs_04.12.2014_1741_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Úžasná tajemství mistra Leonarda not found
C:\PROGRA~3\Špidla Data Processing, s.r.o not found
C:\PROGRA~2\Úžasná tajemství Mistra Leonarda not found
C:\PROGRA~3\Úžasná tajemství mistra Leonarda not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\toolbar@ask.com.xpi not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com not found
C:\Windows\syswow64\appdata deleted
C:\PROGRA~3\WoW Worldwide Software LTD deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\PROGRA~2\Cesta za dobrodruzstvim - Na stope duchum deleted
C:\PROGRA~2\Cesta za dobrodruzstvim - Nadesel cas deleted
C:\PROGRA~2\Proroctvi ztraceneho kralovstvi deleted
C:\PROGRA~2\Pruzkumnici - Ztraceni v oceanu deleted
C:\PROGRA~2\Serif Standa 2 - Pripad ztracene veci deleted
C:\skype-setup.exe deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\ICQToolbarData deleted
C:\PROGRA~3\cdcbs.exe deleted
C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\50dc81634b1a8@50dc81634b1e0.com deleted
"C:\PROGRA~2\Princ z Persie a hamizny kalif" deleted
"C:\PROGRA~2\Proklety hrbitov - Krkavci kletba" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [26.11.2014 18:48]

==== Firefox Extensions ======================

ProfilePath: C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\AppGraffiti@AppGraffiti.com
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\yasearch@yandex.ru
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\vb@yandex.ru
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- MyPlayCity Toolbar - %ProfilePath%\extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Evža\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
omdfminhjphgogagakcoeemnefcbfjnh - C:\ProgramData\Zoomex\omdfminhjphgogagakcoeemnefcbfjnh.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
"Default_Page_URL"="http://vaioportal.sony.eu"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"SearchAssistant"="http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs"
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"SearchAssistant"="http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs"
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{04B98912-C5F4-437C-B1DE-49AB554FB181} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... kSearch_12"
{05E2782A-A131-464A-B270-76104795391D} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... kSearch_12"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{0CFB2A59-A990-4630-982D-6D4937E7C8F3} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12"
{59C775F7-640E-4176-A234-C4340DE16A46} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... kSearch_12"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... SA_csCZ469"
{6AFBD0DA-0E48-4717-AC14-4BC0292E8F84} Zinio Url="http://services.zinio.com/search?s={sea ... sonyslices"
{728E49F8-84BB-41EC-901F-F20904276D4F} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12"
{76526143-99C8-43C8-9E88-DE8474EA7373} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"
{A9720EFE-0238-401C-B238-EC99EB821180} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12"
{BD8ADF1E-4586-4B5F-B273-FF76493D8397} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... kSearch_12"
{D57422ED-53DD-40DD-8218-9B19A4BDE221} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... kSearch_12"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoomEx deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{311FB251-FAF6-C10D-23E6-B2D4EAFC90A7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{474A936C-4986-3840-C72F-4E03A7EB4D5F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51DB1896-1F17-1970-9FC2-DB227D21CF74} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\omdfminhjphgogagakcoeemnefcbfjnh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Evža\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Evža\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12751 folders=2501 1934835430 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Evža\AppData\Local\Temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\EVA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 04.12.2014 at 17:56:18,47 ======================

#8 Příspěvek od **Márty84** » 04 pro 2014 19:54

Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekce

funkymusic · #9 Příspěvek od **funkymusic** » 05 pro 2014 01:09

Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Ev§a on źt 04.12.2014 at 17:24:03,09.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\EVA~1\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

4.12.2014 17:27:42 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Alenka 2 - Kouzeln zemŘ deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Dobrodru§ně mahjongg - Kapitola 1 deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Emilka Holubov - Montezum…v poklad deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\FBReader for Windows deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Feng ćuej Mahjong deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Hledaźi poklad… deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Ledov‚ Drahokamy deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Natalie Brooks - Poklad ztracen‚ho kr lovstvˇ deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\N dhern zahrada deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Vesel kuýata deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Z hadn kuchaýka deleted successfully
C:\Users\EVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\üeźtˇ hrdinov‚ deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\Users\Default\AppData\Local\Sony Corporation deleted successfully
C:\Users\Ev§a\AppData\Local\WarThunder deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\SearchScopes\{63576C37-03D2-48DA-8198-82DE12D76E31} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7DFDE1A-30B3-43C9-82C4-92D3A5789311} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{a8625cb7-85fe-4936-92a4-b2a7c925209e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7DFDE1A-30B3-43C9-82C4-92D3A5789311} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{7DB2D5A0-7241-4E79-B68D-6309F01C5231} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{353ACA2E-F810-BEFD-5165-DBD03B397FFC} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{CCB69577-088B-4004-9ED8-FF5BCC83A039} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} deleted successfully
HKEY_USERS\S-1-5-21-1733478658-4031006406-2309067913-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{a8625cb7-85fe-4936-92a4-b2a7c925209e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{07189b84-b33b-4a1e-9b32-ad203c983c20} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{91397D20-1446-11D4-8AF4-0040CA1127B6} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default\prefs.js:

Added to C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\prefs.js:
user_pref("browser.search.defaulturl", "");
user_pref("browser.newtab.url", "yafd:tabs");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\EVA~2\AppData\Roaming\Mozilla\Firefox\Profiles\dgpkurrc.default

user.js not found
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_04.12.2014_1741_.backup

ProfilePath: C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default

user.js not found
---- Lines ask.com modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- Lines ffxtbr modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}\":{\"descriptor\":\"C:\\\\
---- Lines extensions.50dc81634b255 removed from prefs.js ----
user_pref("extensions.50dc81634b255.epoch", "1392557192");
user_pref("extensions.50dc81634b255.url", "http://websolutiion.in/sync/?ext=zmx&pi ... ind=0&ssd=
---- FireFox user.js and prefs.js backups ----

prefs_04.12.2014_1741_.backup

==== Batch Command(s) Run By Tool======================

C:\Windows\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Úžasná tajemství mistra Leonarda not found
C:\PROGRA~3\Špidla Data Processing, s.r.o not found
C:\PROGRA~2\Úžasná tajemství Mistra Leonarda not found
C:\PROGRA~3\Úžasná tajemství mistra Leonarda not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\toolbar@ask.com.xpi not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com not found
C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com not found
C:\Windows\syswow64\appdata deleted
C:\PROGRA~3\WoW Worldwide Software LTD deleted
C:\PROGRA~2\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\PROGRA~2\Cesta za dobrodruzstvim - Na stope duchum deleted
C:\PROGRA~2\Cesta za dobrodruzstvim - Nadesel cas deleted
C:\PROGRA~2\Proroctvi ztraceneho kralovstvi deleted
C:\PROGRA~2\Pruzkumnici - Ztraceni v oceanu deleted
C:\PROGRA~2\Serif Standa 2 - Pripad ztracene veci deleted
C:\skype-setup.exe deleted
C:\PROGRA~3\ICQ deleted
C:\PROGRA~3\InstallMate deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\ICQToolbarData deleted
C:\PROGRA~3\cdcbs.exe deleted
C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\50dc81634b1a8@50dc81634b1e0.com deleted
"C:\PROGRA~2\Princ z Persie a hamizny kalif" deleted
"C:\PROGRA~2\Proklety hrbitov - Krkavci kletba" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [26.11.2014 18:48]

==== Firefox Extensions ======================

ProfilePath: C:\Users\EVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\AppGraffiti@AppGraffiti.com
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\yasearch@yandex.ru
- Undetermined - C:\Users\EvĹľa\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\vb@yandex.ru
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- MyPlayCity Toolbar - %ProfilePath%\extensions\{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Evža\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
omdfminhjphgogagakcoeemnefcbfjnh - C:\ProgramData\Zoomex\omdfminhjphgogagakcoeemnefcbfjnh.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"
"Default_Page_URL"="http://vaioportal.sony.eu"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"SearchAssistant"="http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs"
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"SearchAssistant"="http://toolbar.inbox.com/search/ie.aspx ... 096&lng=cs"
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\se]
@="http://search.seznam.cz/?sourceid=quicksearch_6826&q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl\vi]
@="http://videa.seznam.cz/?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://toolbar.inbox.com/help/sa_custom ... tbid=80096"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://www.seznam.cz/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"SearchAssistant"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search]
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/ ... chcust.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{04B98912-C5F4-437C-B1DE-49AB554FB181} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... kSearch_12"
{05E2782A-A131-464A-B270-76104795391D} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... kSearch_12"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTer ... ORM=IESR02"
{0CFB2A59-A990-4630-982D-6D4937E7C8F3} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12"
{59C775F7-640E-4176-A234-C4340DE16A46} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... kSearch_12"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchT ... SA_csCZ469"
{6AFBD0DA-0E48-4717-AC14-4BC0292E8F84} Zinio Url="http://services.zinio.com/search?s={sea ... sonyslices"
{728E49F8-84BB-41EC-901F-F20904276D4F} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... kSearch_12"
{76526143-99C8-43C8-9E88-DE8474EA7373} eBay Url="http://rover.ebay.com/rover/1/14361-113 ... earchTerms}"
{A9720EFE-0238-401C-B238-EC99EB821180} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... kSearch_12"
{BD8ADF1E-4586-4B5F-B273-FF76493D8397} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... kSearch_12"
{D57422ED-53DD-40DD-8218-9B19A4BDE221} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... kSearch_12"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ZoomEx deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{311FB251-FAF6-C10D-23E6-B2D4EAFC90A7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{474A936C-4986-3840-C72F-4E03A7EB4D5F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{51DB1896-1F17-1970-9FC2-DB227D21CF74} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\omdfminhjphgogagakcoeemnefcbfjnh deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Evža\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Evža\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12751 folders=2501 1934835430 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Evža\AppData\Local\Temp emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\EVA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 04.12.2014 at 17:56:18,47 ======================

Děkuji moc

#10 Příspěvek od **Márty84** » 05 pro 2014 10:11

To je ale opet log z programku Zoek. Ja chtel MBAM

funkymusic · #11 Příspěvek od **funkymusic** » 05 pro 2014 17:26

Sakriš, omlouvám se.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4.12.2014
Scan Time: 20:22:31
Logfile: mbam_log.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.04.09
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: EvA3a

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 878529
Time Elapsed: 4 hr, 10 min, 42 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 16
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [29b006584636d95d5dd0765345bdb54b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [29b006584636d95d5dd0765345bdb54b],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [23b637270a72fc3aa38b0fba2bd7a25e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [23b637270a72fc3aa38b0fba2bd7a25e],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{AB5D199E-9659-47A2-930B-FC3B69061353}, , [1abf92cca0dceb4b00a41ae96f94e818],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{AB5D199E-9659-47A2-930B-FC3B69061353}, , [1abf92cca0dceb4b00a41ae96f94e818],
PUP.Optional.RebateInformer.A, HKLM\SOFTWARE\CLASSES\RebInf64.RebateInformImageGen, , [50894f0fe696261006b0ad5493709f61],
PUP.Optional.RebateInformer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\RebInf64.RebateInformImageGen, , [865387d76f0d1224eec87a87ef14649c],
PUP.Optional.RebateInformer.A, HKLM\SOFTWARE\CLASSES\RebInf64.Rebate Informer BHO, , [ab2e72ec314ba690ded9e120699a59a7],
PUP.Optional.RebateInformer.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\RebInf64.Rebate Informer BHO, , [14c5b8a6621a85b1efc89e63aa59fb05],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\GamingWonderland, , [13c6d08e1666979fd2e18b2c39cb1be5],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@GamingWonderland.com/Plugin, , [a7329fbf13692e08872b2196d92bef11],
PUP.Optional.MindSpark.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MarineAquarium3Free_57Service, , [1abf2d31403cf442de59fe7619ea25db],
PUP.Optional.MindSpark.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GamingWonderland, , [bf1a99c5daa248ee2a3e74f7778c36ca],
PUP.Optional.MindSpark.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\VideoDownloadConverter_4z, , [bc1d491566164de93fdeb5b604ff7c84],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-1733478658-4031006406-2309067913-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\GamingWonderland, , [36a3a4baafcde650046444279f64649c],

Registry Values: 2
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Marine Aquarium Lite Home Page Guard 64 bit, "C:\PROGRA~2\MARINE~2\bar\1.bin\AppIntegrator64.exe", , [f9e0eb730f6da3935267ebbd59ab8779]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|GamingWonderland Search Scope Monitor, "C:\PROGRA~2\GAMING~2\bar\1.bin\gtsrchmn.exe" /m=2 /w /h, , [ad2c4a147ffd75c19f4b6a52867e49b7]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 10
PUP.Optional.AudioToAudioToolBar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\GamingWonderland\bar\1.bin\gtbarsvc.exe.vir, , [07d2550983f9082ea95ed363629ec838],
PUP.Optional.Inbox, C:\AdwCleaner\Quarantine\C\Program Files (x86)\Inbox Toolbar\Plugins\Update.exe.vir, , [e9f08cd206767bbbab8e8a9b3dc4916f],
PUP.Optional.AudioToAudioToolBar.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbarsvc.exe.vir, , [6a6fc896b3c972c492750e28b64a8b75],
PUP.Optional.MindSpark.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8EXTPEX.DLL.vir, , [4297243a691380b631b3c9835ea27789],
PUP.Optional.MindSpark.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\T8TICKER.DLL.vir, , [6475c09e1c60f244069be6aa9d68d828],
PUP.Optional.SilentInstall.A, C:\AdwCleaner\Quarantine\C\ProgramData\Zoomex\uninstall.exe.vir, , [c4153529671555e123e4081d1ee3a957],
PUP.Optional.ClientConnect, C:\AdwCleaner\Quarantine\C\Users\EvA3a\AppData\Local\Conduit\CT1392740\MyPlayCityAutoUpdaterHelper.exe.vir, , [16c380de98e4fd391ead4a71669b8b75],
PUP.Optional.FlvPlayer, C:\AdwCleaner\Quarantine\C\Users\EvA3a\AppData\Roaming\FlvPlayer\FlvPlayerApp.exe.vir, , [4a8ff8665c205fd74c275969e31fe61a],
Trojan.Ransom.NSDP, C:\Users\EvA3a\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\2eaad3b-34ae41a3, , [eaef3b2385f7e5517bd471a8fa073ec2],
PUP.Optional.ClientConnect, C:\Program Files (x86)\MyPlayCity\tbMyP1.dll, , [29b09ec01e5e181ee7e46b50bd44639d],

Physical Sectors: 0
(No malicious items detected)

(end)

#12 Příspěvek od **Márty84** » 05 pro 2014 18:22

Vsechny nalezy hodte do karanteny. Po restartu pc udelejte novy test (staci sken hrozeb - Threat Scan). Napiste jeho vysledek a podle nej zvolim dalsi postup.

funkymusic · #13 Příspěvek od **funkymusic** » 05 pro 2014 21:28

Hotovo, hozeno, test proveden -> nic nenalezeno.

#14 Příspěvek od **Márty84** » 06 pro 2014 09:47

MBAM muzete odinstalovat a dejte novy log z RSIT

funkymusic · #15 Příspěvek od **funkymusic** » 06 pro 2014 12:58

Zde je log:

Logfile of random's system information tool 1.10 (written by random/random)
Run by Evža at 2014-12-06 12:56:23
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 320 GB (54%) free of 594 GB
Total RAM: 4078 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:56:31, on 6.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXE
C:\Program Files\trend micro\Evža.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [PhilipsSongbirdLauncher] C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe
O4 - HKCU\..\Run: [AppGraffiti] "C:\PROGRA~2\APPGRA~1\AppGraffiti.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/ ... s-i586.cab
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 13784 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
winlogon.exe
"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"
"C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe"
C:\Windows\system32\nvvsvc.exe -session -first
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"taskhost.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe"
"C:\Program Files (x86)\Bluetooth Suite\adminservice.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe"
"C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe"
C:\Windows\SysWOW64\PnkBstrA.exe
"C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE"
taskeng.exe {B6951482-4F88-4282-AB17-7E72D29EAE17}
"C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe" /AutoStart
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
WLIDSvcM.exe 2732
"C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe"
C:\Windows\SysWOW64\DllHost.exe /Processid:{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}
C:\Windows\SysWOW64\DllHost.exe /Processid:{CB45D4CA-8A34-4EF1-9957-6134E5270E83}
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
"C:\Program Files\Sony\VAIO Smart Network\VSNService.exe"
C:\Windows\system32\svchost.exe -k bthsvcs
/Device:000000a1
"C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe"
"C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"C:\Program Files (x86)\Steam\Steam.exe" -silent
szndesktop.exe default start
"C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\Windows\system32\conhost.exe "106351528117159784801870045357-1219251135-1752419943487264978-316863418-321847292
"C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--run_as_user_process"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
"C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files\AVAST Software\Avast\avastui.exe" /nogui
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe" /Stationary
"C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
"C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe"
C:\Windows\System32\svchost.exe -k secsvcs
"C:\Program Files (x86)\Steam\bin\steamwebhelper.exe" -cefhost -cachedir "C:\Program Files (x86)\Steam\config\htmlcache" -cookiepath "C:\Program Files (x86)\Steam\config\cookies" -steampid 4764 --blacklist-accelerated-compositing --process-per-tab --disable-accelerated-video-decode --enable-direct-write
"C:\Program Files\Sony\VAIO Update\vuagent.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"
"C:\Program Files\Sony\VAIO Care\VCSystemTray.exe" -versionsave -reminder -autoupdate
"taskhost.exe"
"C:\Program Files\Sony\VAIO Care\VCService.exe"
"C:\Program Files\Sony\VAIO Care\VCAgent.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Sony\VAIO Care\VCAdmin.exe"
C:\PROGRA~1\Sony\VAIOCA~1\Iolo\IOLOTO~1.EXE -Embedding

"C:\Users\Evža\Desktop\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

=========Mozilla firefox=========

ProfilePath - C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default

prefs.js - "Keyword.Enabled" - "true"
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.google.com"
prefs.js - "keyword.URL" - "http://www.google.com/search?btnG=Google+Search&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files (x86)\Sony\MSS\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 15.0.0.239 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\
{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\extensions\
{4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Evža\AppData\Roaming\Mozilla\Firefox\Profiles\9mvjtcpd.default\searchplugins\
yqs-barff-yandex.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-08-08 49440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D10F6C4-0E01-4BD4-8601-11AC1FDF8126}]
CIESpeechBHO Class - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29 64672]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll [2014-10-30 294400]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll [2014-10-30 241864]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [2011-03-29 518784]
"AtherosBtStack"=C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [2011-04-29 790688]
"AthBtTray"=C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [2011-04-29 657568]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"=C:\Program Files (x86)\Steam\Steam.exe [2014-11-18 1940160]
"cz.seznam.software.autoupdate"=C:\Users\Evža\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Evža\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"PhilipsSongbirdLauncher"=C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-autoplay@philips.com\application\PhilipsSongbirdLauncher.exe [2014-04-11 346624]
"AppGraffiti"=C:\PROGRA~2\APPGRA~1\AppGraffiti.exe []
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21 1475584]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21 959176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [2012-12-18 38112]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"=C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [2010-09-13 283160]
"ISBMgr.exe"=C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2011-02-15 2757312]
"PMBVolumeWatcher"=C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [2010-11-27 648032]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-02-15 1564368]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-03-21 1061960]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-11-26 5226600]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableTaskMgr"=0
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"midi2"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-12-06 00:00:12 ----D---- C:\Users\Evža\AppData\Roaming\iolo
2014-12-06 00:00:12 ----D---- C:\ProgramData\iolo
2014-12-04 20:21:33 ----D---- C:\ProgramData\Malwarebytes
2014-12-04 17:56:29 ----SHD---- C:\$RECYCLE.BIN
2014-12-04 17:53:52 ----A---- C:\Windows\zoek-delete.exe
2014-12-04 17:53:51 ----D---- C:\Windows\Temp
2014-12-04 17:23:32 ----D---- C:\zoek_backup
2014-12-04 17:12:31 ----D---- C:\Windows\ERUNT
2014-12-03 19:50:08 ----D---- C:\AdwCleaner
2014-12-03 18:52:22 ----D---- C:\Program Files\trend micro
2014-12-03 18:52:21 ----D---- C:\rsit
2014-11-26 17:59:43 ----D---- C:\Program Files (x86)\Opera
2014-11-26 16:50:03 ----D---- C:\Users\Evža\AppData\Roaming\AVAST Software
2014-11-26 16:48:10 ----A---- C:\Windows\system32\drivers\aswStm.sys
2014-11-26 16:48:06 ----A---- C:\Windows\system32\drivers\aswVmm.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswSP.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswRvrt.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswMonFlt.sys
2014-11-26 16:48:05 ----A---- C:\Windows\system32\drivers\aswHwid.sys
2014-11-26 16:48:04 ----A---- C:\Windows\system32\drivers\aswRdr2.sys
2014-11-26 16:48:02 ----A---- C:\Windows\system32\drivers\aswsnx.sys
2014-11-26 16:47:57 ----A---- C:\Windows\system32\aswBoot.exe
2014-11-26 16:47:26 ----A---- C:\Windows\avastSS.scr
2014-11-26 16:46:47 ----D---- C:\Program Files\AVAST Software
2014-11-26 16:44:02 ----D---- C:\ProgramData\AVAST Software
2014-11-26 16:43:21 ----D---- C:\Program Files (x86)\Yandex
2014-11-26 16:43:04 ----D---- C:\Users\Evža\AppData\Roaming\Opera Software
2014-11-26 16:42:51 ----D---- C:\Users\Evža\AppData\Roaming\Yandex
2014-11-26 16:41:51 ----D---- C:\Users\Evža\AppData\Roaming\ImperiaOnline
2014-11-23 12:54:58 ----D---- C:\Users\Evža\AppData\Roaming\Maxthon3
2014-11-23 12:54:28 ----D---- C:\Program Files (x86)\Maxthon
2014-11-20 20:20:00 ----D---- C:\Program Files (x86)\Bratr a sestra - smrti navzdory
2014-11-19 12:06:31 ----A---- C:\Windows\system32\pku2u.dll
2014-11-19 12:06:31 ----A---- C:\Windows\system32\kerberos.dll
2014-11-19 12:06:29 ----A---- C:\Windows\SYSWOW64\pku2u.dll
2014-11-19 12:06:29 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2014-11-12 13:27:09 ----A---- C:\Windows\system32\generaltel.dll
2014-11-12 13:27:08 ----A---- C:\Windows\system32\aepdu.dll
2014-11-12 13:27:04 ----A---- C:\Windows\system32\aeinv.dll
2014-11-12 13:26:59 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2014-11-12 13:26:59 ----A---- C:\Windows\system32\termsrv.dll
2014-11-12 13:26:59 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2014-11-12 13:26:59 ----A---- C:\Windows\system32\adtschema.dll
2014-11-12 13:26:58 ----A---- C:\Windows\system32\lsasrv.dll
2014-11-12 13:26:55 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2014-11-12 13:26:55 ----A---- C:\Windows\system32\msaudite.dll
2014-11-12 13:26:54 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2014-11-12 13:26:54 ----A---- C:\Windows\SYSWOW64\secur32.dll
2014-11-12 13:26:20 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2014-11-12 13:26:20 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 13:26:19 ----A---- C:\Windows\system32\ieetwproxystub.dll
2014-11-12 13:26:19 ----A---- C:\Windows\system32\ieetwcollector.exe
2014-11-12 13:26:17 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2014-11-12 13:26:16 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2014-11-12 13:26:16 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2014-11-12 13:26:16 ----A---- C:\Windows\system32\iernonce.dll
2014-11-12 13:26:16 ----A---- C:\Windows\system32\ie4uinit.exe
2014-11-12 13:26:15 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 13:26:15 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2014-11-12 13:26:15 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 13:26:14 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2014-11-12 13:26:14 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2014-11-12 13:26:13 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2014-11-12 13:26:13 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2014-11-12 13:26:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2014-11-12 13:26:12 ----A---- C:\Windows\system32\urlmon.dll
2014-11-12 13:26:12 ----A---- C:\Windows\system32\iedkcs32.dll
2014-11-12 13:26:11 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2014-11-12 13:26:11 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2014-11-12 13:26:10 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2014-11-12 13:26:10 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2014-11-12 13:26:09 ----A---- C:\Windows\SYSWOW64\ieui.dll
2014-11-12 13:26:09 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2014-11-12 13:26:09 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-12 13:26:09 ----A---- C:\Windows\system32\dxtrans.dll
2014-11-12 13:26:08 ----A---- C:\Windows\system32\msfeeds.dll
2014-11-12 13:26:07 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2014-11-12 13:26:07 ----A---- C:\Windows\system32\iesetup.dll
2014-11-12 13:26:07 ----A---- C:\Windows\system32\ieapfltr.dll
2014-11-12 13:26:06 ----A---- C:\Windows\system32\iertutil.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\wininet.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 13:26:05 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2014-11-12 13:26:05 ----A---- C:\Windows\system32\jsproxy.dll
2014-11-12 13:26:05 ----A---- C:\Windows\system32\ieUnatt.exe
2014-11-12 13:26:04 ----A---- C:\Windows\SYSWOW64\msrating.dll
2014-11-12 13:26:04 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\ieui.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\ieframe.dll
2014-11-12 13:26:03 ----A---- C:\Windows\system32\dxtmsft.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\vbscript.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\mshtmlmedia.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\mshtmled.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\jscript9diag.dll
2014-11-12 13:26:02 ----A---- C:\Windows\system32\jscript9.dll
2014-11-12 13:26:01 ----A---- C:\Windows\system32\wininet.dll
2014-11-12 13:26:01 ----A---- C:\Windows\system32\MshtmlDac.dll
2014-11-12 13:26:00 ----A---- C:\Windows\system32\msrating.dll
2014-11-12 13:26:00 ----A---- C:\Windows\system32\mshtml.dll
2014-11-12 13:25:38 ----A---- C:\Windows\system32\msxml3.dll
2014-11-12 13:25:37 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2014-11-12 13:25:37 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2014-11-12 13:25:37 ----A---- C:\Windows\system32\msxml3r.dll
2014-11-12 13:25:35 ----A---- C:\Windows\SYSWOW64\IMJP10K.DLL
2014-11-12 13:25:35 ----A---- C:\Windows\system32\IMJP10K.DLL
2014-11-12 13:25:33 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 13:25:33 ----A---- C:\Windows\system32\AUDIOKSE.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\EncDump.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\audiosrv.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\AudioSes.dll
2014-11-12 13:25:32 ----A---- C:\Windows\system32\AudioEng.dll
2014-11-12 13:25:31 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2014-11-12 13:25:31 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2014-11-12 13:25:26 ----A---- C:\Windows\system32\schannel.dll
2014-11-12 13:25:25 ----A---- C:\Windows\SYSWOW64\schannel.dll
2014-11-12 13:25:25 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2014-11-12 13:25:25 ----A---- C:\Windows\system32\ncrypt.dll
2014-11-12 13:25:24 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2014-11-12 13:25:24 ----A---- C:\Windows\system32\wdigest.dll
2014-11-12 13:25:24 ----A---- C:\Windows\system32\msv1_0.dll
2014-11-12 13:25:23 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2014-11-12 13:25:23 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2014-11-12 13:25:23 ----A---- C:\Windows\system32\TSpkg.dll
2014-11-12 13:25:22 ----A---- C:\Windows\SYSWOW64\credssp.dll
2014-11-12 13:25:22 ----A---- C:\Windows\system32\credssp.dll
2014-11-12 13:24:58 ----A---- C:\Windows\SYSWOW64\packager.dll
2014-11-12 13:24:58 ----A---- C:\Windows\system32\packager.dll
2014-11-12 13:24:52 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2014-11-12 13:24:52 ----A---- C:\Windows\system32\oleaut32.dll
2014-11-12 13:24:49 ----A---- C:\Windows\SYSWOW64\msi.dll
2014-11-12 13:24:49 ----A---- C:\Windows\system32\msi.dll
2014-11-12 13:24:38 ----A---- C:\Windows\system32\win32k.sys
2014-11-07 19:48:21 ----D---- C:\Program Files (x86)\Vojensky ujezd Ralsko - Cihajici sovet

======List of files/folders modified in the last 1 month======

2014-12-06 12:56:31 ----D---- C:\Windows\Prefetch
2014-12-06 12:53:23 ----RD---- C:\Program Files (x86)
2014-12-06 12:53:23 ----D---- C:\Windows\system32\drivers
2014-12-06 00:00:12 ----HD---- C:\ProgramData
2014-12-05 21:16:20 ----D---- C:\Program Files (x86)\Mozilla Firefox
2014-12-05 20:58:19 ----D---- C:\Windows\system32\config
2014-12-05 20:47:59 ----D---- C:\Users\Evža\AppData\Roaming\Seznam.cz
2014-12-05 20:44:59 ----A---- C:\Windows\SYSWOW64\log.txt
2014-12-05 20:43:05 ----D---- C:\Program Files (x86)\Steam
2014-12-05 20:42:23 ----D---- C:\ProgramData\NVIDIA
2014-12-05 20:41:46 ----D---- C:\Windows\IME
2014-12-05 20:40:55 ----D---- C:\Program Files (x86)\MyPlayCity
2014-12-04 19:17:40 ----A---- C:\Windows\SYSWOW64\PnkBstrB.exe
2014-12-04 17:55:03 ----D---- C:\Windows
2014-12-04 17:53:27 ----RD---- C:\Users
2014-12-04 17:48:11 ----D---- C:\Windows\SysWOW64
2014-12-04 17:41:50 ----D---- C:\Windows\System32
2014-12-04 17:27:49 ----D---- C:\Windows\system32\drivers\etc
2014-12-04 17:27:38 ----SHD---- C:\System Volume Information
2014-12-03 20:15:35 ----D---- C:\Windows\inf
2014-12-03 20:15:35 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-12-03 20:08:26 ----D---- C:\ProgramData\McAfee
2014-12-03 20:08:26 ----D---- C:\Program Files\Common Files
2014-12-03 20:08:26 ----D---- C:\Program Files (x86)\McAfee
2014-12-03 20:08:15 ----RD---- C:\Program Files
2014-12-03 18:09:17 ----D---- C:\Windows\system32\Tasks
2014-11-26 18:53:42 ----D---- C:\Windows\system32\wdi
2014-11-26 17:37:53 ----D---- C:\Windows\system32\catroot2
2014-11-26 16:48:00 ----D---- C:\Windows\winsxs
2014-11-26 16:46:28 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2014-11-26 16:45:31 ----SHD---- C:\Windows\Installer
2014-11-24 14:04:56 ----N---- C:\Windows\system32\MpSigStub.exe
2014-11-23 12:55:16 ----RSD---- C:\Windows\Fonts
2014-11-20 20:53:53 ----D---- C:\Users\Evža\AppData\Roaming\spidla
2014-11-20 20:23:47 ----D---- C:\Users\Evža\AppData\Roaming\DominiGames
2014-11-20 20:22:11 ----D---- C:\Users\Evža\AppData\Roaming\Špidla Data Processing, s.r.o
2014-11-20 20:22:11 ----D---- C:\ProgramData\Špidla Data Processing, s.r.o
2014-11-19 12:01:29 ----D---- C:\Windows\system32\catroot
2014-11-15 20:33:40 ----D---- C:\Program Files (x86)\Sony
2014-11-15 20:33:28 ----RSD---- C:\Windows\assembly
2014-11-15 20:33:10 ----D---- C:\Program Files\Sony
2014-11-15 20:29:33 ----D---- C:\Update
2014-11-14 18:12:26 ----D---- C:\Program Files (x86)\Zlodeji dusi
2014-11-14 17:54:53 ----D---- C:\Windows\rescache
2014-11-14 17:26:39 ----D---- C:\Windows\Microsoft.NET
2014-11-13 12:42:49 ----D---- C:\Windows\Tasks
2014-11-13 12:25:30 ----SD---- C:\Windows\system32\CompatTel
2014-11-13 12:25:28 ----D---- C:\Windows\SYSWOW64\cs-CZ
2014-11-13 12:25:28 ----D---- C:\Windows\system32\cs-CZ
2014-11-13 12:25:27 ----D---- C:\Program Files\Internet Explorer
2014-11-13 12:25:24 ----D---- C:\Windows\SYSWOW64\en-US
2014-11-13 12:25:23 ----D---- C:\Windows\system32\en-US
2014-11-13 12:25:21 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-12 20:18:37 ----D---- C:\Windows\system32\MRT
2014-11-12 20:08:30 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-26 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-26 267632]
R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2011-02-22 437272]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-26 93568]
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-26 1050432]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-26 436624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-26 29208]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-26 83280]
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys [2014-11-26 116728]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect; C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 AthBTPort;Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2011-04-29 36000]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-02-16 2377216]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2011-04-29 259232]
R3 btath_avdt;Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2011-04-29 109216]
R3 BTATH_BUS;Atheros Bluetooth Bus; C:\Windows\system32\drivers\btath_bus.sys [2011-04-29 29344]
R3 BTATH_HCRP;Bluetooth HCRP Server driver; C:\Windows\system32\drivers\btath_hcrp.sys [2011-04-29 166048]
R3 BTATH_LWFLT;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2011-04-29 59040]
R3 BTATH_RCP;Bluetooth AVRCP Device; C:\Windows\system32\drivers\btath_rcp.sys [2011-04-29 283296]
R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2011-04-29 288416]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT64.sys [2011-03-29 1581184]
R3 MEIx64;Intel(R) Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2011-03-29 173160]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver; C:\Windows\system32\DRIVERS\RtsPStor.sys [2011-03-29 335464]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2011-03-29 425064]
R3 SFEP;Sony Firmware Extension Parser; C:\Windows\system32\drivers\SFEP.sys [2010-04-26 12032]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\drivers\Apfiltr.sys []
S3 ATHDFU;Atheros Valkyrie USB BootROM; C:\Windows\System32\Drivers\AthDfu.sys [2011-04-29 51872]
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y60x64.sys [2009-06-10 281088]
S3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-21 109056]
S3 semav6thermal64ro;semav6thermal64ro; \??\C:\Windows\system32\drivers\semav6thermal64ro.sys [2014-11-15 13792]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM); C:\Windows\system32\DRIVERS\ss_bbus.sys [2009-09-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter); C:\Windows\system32\DRIVERS\ss_bmdfl.sys [2009-09-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem; C:\Windows\system32\DRIVERS\ss_bmdm.sys [2009-09-19 161280]
S3 ss_bserd;SAMSUNG USB Mobile Logging Driver; C:\Windows\system32\DRIVERS\ss_bserd.sys [2009-09-19 128000]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\sscdbus.sys [2010-11-11 136264]
S3 sscdmdfl;SAMSUNG Mobile Modem Filter; C:\Windows\system32\DRIVERS\sscdmdfl.sys [2010-11-11 19016]
S3 sscdmdm;SAMSUNG Mobile Modem Drivers; C:\Windows\system32\DRIVERS\sscdmdm.sys [2010-11-11 172104]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudserd.sys [2014-01-22 206080]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 usbrndis6;Adaptér USB RNDIS6; C:\Windows\system32\DRIVERS\usb80236.sys [2013-02-12 19968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
R2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2011-04-29 146592]
R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [2011-04-29 91296]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-26 50344]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-09-13 13336]
R2 IconMan_R;IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2011-03-29 2361344]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2011-02-01 326168]
R2 NVSvc;NVIDIA Driver Helper Service; C:\Windows\system32\nvvsvc.exe [2011-02-18 993896]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 PnkBstrA;PnkBstrA; C:\Windows\syswow64\PnkBstrA.exe [2014-05-29 75064]
R2 SeaPort;SeaPort; C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-02-25 249648]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-02-18 378472]
R2 uCamMonitor;CamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2011-02-23 105024]
R2 UNS;Intel(R) Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-02-01 2656280]
R2 VAIO Event Service;VAIO Event Service; C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [2011-03-05 64704]
R2 VSNService;VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2011-02-28 852160]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528]
R3 USER_ESRV_SVC;User Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
R3 VCService;VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [2014-07-02 59240]
R3 VUAgent;VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [2014-02-28 1642544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 ESRV_SVC;Energy Server Service; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-01 377768]
S2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2012-02-15 1564368]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe /McCoreSvc []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26 267440]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 BBSvc;Bing Bar Update Service; C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-01 183560]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-14 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-10-04 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [2013-10-16 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-05-04 119408]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 SpfService;VAIO Entertainment Common Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-01-20 286936]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2009-07-16 316664]
S3 VCFw;VAIO Content Folder Watcher; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-01-20 887000]
S3 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-05-19 549616]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface; C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-02-18 99104]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-01-18 1255736]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

Děkuji

VIRY.CZ

Notebook Sony Vaio se zasekává

Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává

Re: Notebook Sony Vaio se zasekává